Home >Backend Development >PHP Tutorial >Detailed explanation of PHP escaping_PHP tutorial

Detailed explanation of PHP escaping_PHP tutorial

WBOY
WBOYOriginal
2016-07-20 11:13:03889browse

Magic reference function for data in php magic_quotes_gpc or magic_quotes_runtime

When set to on, backslashes are automatically added when the data we quote encounters single quotes ', double quotes " and backslashes, helping us automatically translate symbols and ensure the correct operation of data operations
The difference between the two:

magic_quotes_gpc
Scope is: WEB client server;
Time of action: The request starts, for example when the script is running.

magic_quotes_runtime
Scope: Data read from a file or the result of executing exec() or obtained from a SQL query;
Time of action: Every time the script accesses data generated in the running state .

It can be seen that
the setting value of magic_quotes_gpc will affect the data obtained through Get/Post/Cookies
The setting value of magic_quotes_runtime will affect the data read from the file or obtained from the database query Data

Several functions that I want to associate:

set_magic_quotes_runtime():
Set the magic_quotes_runtime value. 0=off. 1=on. The default state is off. You can view magic_quotes_runtime through echo phpinfo();
get_magic_quotes_gpc():
View the magic_quotes_gpc value .0=off.1=on
get_magic_quotes_runtime():
View magic_quotes_runtime value. 0=off. 1=on.
Note that there is no set_magic_quotes_gpc() function, that is, the value of magic_quotes_gpc cannot be set in the program.

Due to the setting problem of the two values, it will cause some confusion during programming or add an extra escape. In this case, it is necessary to set and judge at the beginning of the program, or configure the two by default
The values ​​are all off. The escaping part is performed programmatically.

To ensure that data is inserted normally, addslashes is usually used to process it. When reading data, stripslashes is often used to remove added backslashes

Similar character conversion functions in php
addslashes Adds a backslash before the specified predefined character Removed by addslashes() function Added backslashes
htmlspecialchars Convert some predefined characters to HTML entities
htmlspecialchars_decode Convert some predefined HTML entities to characters
html_entity_decode() Convert HTML entities to characters
htmlentities() Convert characters to HTML entities

http://www.bkjia.com/PHPjc/440407.html

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/440407.htmlTechArticleWhen magic_quotes_gpc or magic_quotes_runtime is set to on, the data we quote encounters single quotes. ' and double quotes" and backslashes are automatically added...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn